Method and system to securely migrate and provision virtual machine images and content
    5.
    发明授权
    Method and system to securely migrate and provision virtual machine images and content 有权
    安全迁移和配置虚拟机映像和内容的方法和系统

    公开(公告)号:US08924720B2

    公开(公告)日:2014-12-30

    申请号:US13629128

    申请日:2012-09-27

    Abstract: A method, device, and system for securely migrating and provisioning a virtual machine image to a host device of a cloud service provider environment (CSPE) is disclosed. A customer device encrypts a virtual machine image (VMI) and stores the VMI in the CSPE. The host device retrieves the encrypted VMI from the object store and sends host trust data (including a symmetric key extracted from the encrypted VMI, the symmetric key being encrypted with the customer public key) to a key management server for trust attestation. If the key management server successfully attests the host device, the key management server decrypts the encrypted symmetric key using the customer private key and re-encrypts the symmetric key using the host public key. The host device receives the re-encrypted symmetric key from the key management server, decrypts it using the host private key, and decrypts the encrypted VMI using the symmetric key.

    Abstract translation: 公开了一种用于将虚拟机映像安全迁移并提供给云服务提供商环境(CSPE)的主机设备的方法,设备和系统。 客户设备加密虚拟机映像(VMI)并将VMI存储在CSPE中。 主机设备从对象存储中检索加密的VMI,并向密钥管理服务器发送主机信任数据(包括从加密的VMI提取的对称密钥,用客户公钥加密的对称密钥)到信任认证的密钥管理服务器。 如果密钥管理服务器成功验证主机设备,则密钥管理服务器使用客户私钥解密加密对称密钥,并使用主机公钥对对称密钥进行重新加密。 主机设备从密钥管理服务器接收重新加密的对称密钥,使用主机私钥对其进行解密,并使用对称密钥解密加密的VMI。

    TECHNOLOGIES FOR ATTESTING A DEPLOYED WORKLOAD USING BLOCKCHAIN

    公开(公告)号:US20200007511A1

    公开(公告)日:2020-01-02

    申请号:US16023264

    申请日:2018-06-29

    Abstract: Technologies for attesting a deployment of a workload using a blockchain includes a compute engine that receives a request from a remote device to validate one or more parameters of a managed node composed of one or more sleds. The compute engine retrieves a blockchain associated with the managed node. The blockchain includes one or more blocks, each block including information about the parameters of the managed node. The compute engine validates the blockchain and sends an indication that the blockchain is valid to the requesting device.

    Technologies for high-performance network fabric security

    公开(公告)号:US10432586B2

    公开(公告)日:2019-10-01

    申请号:US15531168

    申请日:2014-12-27

    Abstract: Technologies for fabric security include one or more managed network devices coupled to one or more computing nodes via high-speed fabric links. A managed network device enables a port and, while enabling the port, securely determines the node type of the link partner coupled to the port. If the link partner is a computing node, management access is not allowed at the port. The managed network device may allow management access at certain predefined ports, which may be connected to one of more management nodes. Management access may be allowed for additional ports in response to management messages received from the management nodes. The managed network device may check and verify data packet headers received from a compute node at each port. The managed network device may rate-limit management messages received from a compute node at each port. Other embodiments are described and claimed.

    Method and System to Securely Migrate and Provision Virtual Machine Images and Content
    8.
    发明申请
    Method and System to Securely Migrate and Provision Virtual Machine Images and Content 有权
    安全地迁移和提供虚拟机映像和内容的方法和系统

    公开(公告)号:US20150082031A1

    公开(公告)日:2015-03-19

    申请号:US14550295

    申请日:2014-11-21

    Abstract: A method, device, and system for securely migrating and provisioning a virtual machine image to a host device of a cloud service provider environment (CSPE) is disclosed. A customer device encrypts a virtual machine image (VMI) and stores the VMI in the CSPE. The host device retrieves the encrypted VMI from the object store and sends host trust data (including a symmetric key extracted from the encrypted VMI, the symmetric key being encrypted with the customer public key) to a key management server for trust attestation. If the key management server successfully attests the host device, the key management server decrypts the encrypted symmetric key using the customer private key and re-encrypts the symmetric key using the host public key. The host device receives the re-encrypted symmetric key from the key management server, decrypts it using the host private key, and decrypts the encrypted VMI using the symmetric key.

    Abstract translation: 公开了一种用于将虚拟机映像安全迁移并提供给云服务提供商环境(CSPE)的主机设备的方法,设备和系统。 客户设备加密虚拟机映像(VMI)并将VMI存储在CSPE中。 主机设备从对象存储中检索加密的VMI,并向密钥管理服务器发送主机信任数据(包括从加密的VMI提取的对称密钥,用客户公钥加密的对称密钥)到信任认证的密钥管理服务器。 如果密钥管理服务器成功验证主机设备,则密钥管理服务器使用客户私钥解密加密对称密钥,并使用主机公钥对对称密钥进行重新加密。 主机设备从密钥管理服务器接收重新加密的对称密钥,使用主机私钥对其进行解密,并使用对称密钥解密加密的VMI。

Patent Agency Ranking